Which Cryptographic Algorithms Are at Risk?
Quantum risk is not equal across all cryptography; public-key algorithms are the main migration priority.
Four Practical Risk Categories
This map keeps the first screen focused on categories and action, not a dense algorithm table.
Public-key cryptography
Reason: public-key assumptions affected by Shor’s algorithm
Priority: find and plan migration
Symmetric encryption
Reason: Grover’s algorithm affects search differently
Priority: review security margins, not the same migration path as RSA/ECC
Hash functions
Reason: affected differently from public-key cryptography
Priority: review where used and required strength
Real systems
Reason: algorithms appear inside real systems
Priority: inventory and ownership
Do not ask only: Which algorithms are risky? Ask: Where are they used, who owns them, and how difficult are they to replace?
Short Answer
The main quantum risk is not spread evenly across all cryptography.
Public-key algorithms are the main priority
The most important concern is public-key cryptography. This includes RSA, Diffie-Hellman, ECDH, ECDSA, and other elliptic-curve-based systems.
These algorithms are widely used for key exchange, digital signatures, certificates, identity, VPNs, TLS, software updates, and trust chains.
Symmetric encryption and hashes are different
Symmetric encryption and hash functions are different. They still need review, but they are not affected in the same way as RSA or elliptic-curve cryptography.
Systems matter more than names
For companies, the useful question is not only “Which algorithm is risky?” It is also: “Where is this algorithm used, who controls it, and how hard will it be to change?”
Core Explanation
Public-key cryptography is the main migration area
Post-quantum migration mostly focuses on public-key cryptography.
This is where RSA, Diffie-Hellman, ECDH, ECDSA, and related methods matter.
- agreeing keys over a network
- proving identity
- validating certificates
- signing software or documents
- building trust between systems
Symmetric encryption is not the same problem
Symmetric encryption, such as AES-style encryption, protects data using a shared secret key.
Future quantum attacks affect symmetric security margins differently. In many cases, the answer is parameter review or stronger key sizes, not the same kind of full public-key replacement.
Grover’s algorithm is the main quantum-search concern for symmetric cryptography, but symmetric cryptography is not the primary PQC migration problem.
That does not make symmetric encryption unimportant.
It means it belongs in a different risk category.
Hash functions are also different
Hash functions are used for integrity, fingerprints, signatures, certificates, password handling, and many other security functions.
They are also affected differently from RSA and elliptic-curve systems.
For a beginner reader, the key distinction is simple: public-key cryptography is the main PQC migration problem. Symmetric encryption and hashes need review, but not the same replacement logic.
Algorithm risk must be connected to systems
An algorithm name alone is not enough.
A company needs to know where that algorithm appears.
This is where algorithm risk becomes operational risk.
- in TLS
- in VPNs
- in certificates
- in code-signing systems
- in identity platforms
- in cloud services
- in vendor products
- in hardware, firmware, and embedded systems
Why It Matters
This matters because companies do not migrate “algorithms” in isolation.
They migrate systems.
The algorithm may be inside a TLS library, a certificate profile, a VPN product, a software-signing process, a firmware update mechanism, a cloud service, or a supplier platform.
If the organisation only has a list of algorithm names, it still does not know what to do.
The useful output is a connection between algorithm, system, owner, vendor, data, and migration priority.
Detailed Algorithm View
The detailed view is useful after the risk map, but it should not be the first thing readers see.
| Cryptography type | Common examples | Where you may see it | Quantum risk profile | Migration priority | Simple explanation |
|---|---|---|---|---|---|
| Public-key encryption / key exchange | RSA, DH, ECDH | TLS, VPNs, secure connections, certificates, identity systems | Main area of concern | High | These systems rely on mathematical problems that powerful quantum computers may attack differently. |
| Digital signatures | RSA signatures, ECDSA | Certificates, software updates, code signing, documents, identity | Main area of concern | High | Signatures prove trust and authenticity, so weak signature systems can affect many dependencies. |
| Symmetric encryption | AES-style encryption | Bulk data encryption, storage, tunnels, applications | Affected differently | Review parameters | Not the same migration problem as RSA/ECC, but security margins and key sizes still matter. |
| Hash functions | SHA-2, SHA-3-style hashing | Integrity checks, certificates, signatures, password systems, identifiers | Affected differently | Review context | Hashes are important, but they are not replaced in the same way as public-key algorithms. |
| Protocol and system use | TLS, VPN, PKI, SSO, firmware update systems | Real infrastructure | Depends on embedded algorithms | Inventory needed | The same algorithm can appear in many systems, products, and vendor-controlled components. |
Practical Example
An elliptic-curve certificate finding
A company discovers that it uses elliptic-curve certificates on a public customer portal.
That finding is useful, but incomplete.
The next questions are:
Questions to ask
- Which system uses the certificate?
- Which team owns it?
- Which certificate authority is involved?
- Which TLS stack is used?
- Is the platform managed internally or by a vendor?
- What data passes through the portal?
- How long must that data stay confidential?
- Can the system support hybrid or post-quantum options later?
This is why algorithm risk leads naturally to crypto discovery and inventory work.
Common Misunderstanding
“Some algorithms are safe and some are broken.”
The useful question is more practical. Some public-key algorithm families are the main migration priority. Symmetric encryption and hashes are affected differently. Real risk depends on where the algorithm is used, what it protects, and how difficult it is to replace.
What to Remember
One-Sentence Summary
Public-key cryptography is the main PQC migration priority, while symmetric encryption and hash functions need a different kind of review.
Three Key Points
- RSA, Diffie-Hellman, ECDH, ECDSA, and related systems need attention.
- Symmetric encryption and hash functions are affected differently.
- Algorithm risk becomes useful only when connected to real systems and owners.